CVE-2022-4033

🗓️ 29 Nov 2022 20:25:26Reported by WordfenceType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 48 Views

The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation. Attackers can inject content other than the specified value

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2022-4033	30 Nov 202200:29	–	circl
CNNVD	WordPress plugin Quiz and Survey Master 输入验证错误漏洞	29 Nov 202200:00	–	cnnvd
CNVD	WordPress Quiz and Survey Master plugin input validation error vulnerability	30 Nov 202200:00	–	cnvd
Cvelist	CVE-2022-4033 Quiz and Survey Master <= 8.0.4 - Improper Input Validation	29 Nov 202220:25	–	cvelist
EUVD	EUVD-2022-51412	3 Oct 202520:07	–	euvd
NVD	CVE-2022-4033	29 Nov 202221:15	–	nvd
OSV	CVE-2022-4033	29 Nov 202221:15	–	osv
Prion	Input validation	29 Nov 202221:15	–	prion
Positive Technologies	PT-2022-25351 · WordPress · Quiz/Survey Master	29 Nov 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-4033	23 May 202500:16	–	redhatcve

NVD

Vulners

Node

expresstech quiz_and_survey_masterRange≤8.0.4wordpress

[
  {
    "vendor": "expresstech",
    "product": "Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "8.0.4",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wordfence	www.wordfence.com/vulnerability-advisories-continued/
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/9f5cc779-c7de-42e6-a812-5c0539067b8c
plugins	www.plugins.trac.wordpress.org/changeset

08 Apr 2026 18:17Current

5.1Medium risk

Vulners AI Score5.1

CVSS 3.15.3

EPSS0.00368

SSVC

CWE-20